Subject: Re: Not really an advocacy :-(
To: None <netbsd-advocacy@netbsd.org, tech-security@netbsd.org>
From: Jan Schaumann <jschauma@netbsd.org>
List: netbsd-advocacy
Date: 06/21/2002 11:28:16
"Ing.,BcA. Ivan Dolezal" <ivan.dolezal@vsb.cz> wrote:
> June 19, 2002
>
> - FBI's National Infrastructure Protection Center Advisory
> - Linux Weekly News report
> - Apache releases 1.3.26
> - Debian, Red Hat Linux release their packages (for free)
> - "Package apache-1.3.24 has a remote-root-shell vulnerability"
> message from audit-packages
http://www.netbsd.org/Changes/#apache-pkg
> ...problem still not mentioned at netbsd.org/Security/
AFAIK, we stopped making Security *advisories* for packages.
> ...problem still not mentioned at
> ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/apache/README.html
> (last audit from Jun 6 05:00)
True.
> ...insecure 1.3.24 still available from the package collection
cvs update
-Jan
--
http://www.netbsd.org -
Multiarchitecture OS, no hype required.